Medusa

A modular and parallel login brute-forcer for a variety of protocols.

• Execute brute force against an FTP server using a file containing usernames and a file containing passwords:

medusa -M ftp -h host -U {path/to/username_file} -P {path/to/password_file}

• Execute a login attempt against an HTTP server using the username, password and user-agent specified:

medusa -M HTTP -h host -u {username} -p {password} -m USER-AGENT:"{Agent}"

• Execute a brute force against a MySQL server using a file containing usernames and a hash:

medusa -M mysql -h host -U {path/to/username_file} -p {hash} -m PASS:HASH

• Execute a brute force against a list of SMB servers using a username and a pwdump file:

medusa -M smbnt -H {path/to/hosts_file} -C {path/to/pwdump_file} -u {username} -m PASS:HASH

Copyright © 2014—present the tldr-pages team and contributors.

This work is licensed under the Creative Commons Attribution 4.0 International License (CC-BY).